What’s Behind Facebook’s Libra and What We Should Be Concerned About

By this time you may have already read about Libra, Facebook’s proposed cryptocurrency, and all the fuss about its relation to Facebook. Many questions have been coming up: Is Libra a payment instrument? Who is behind it? Why should we trust Facebook? Moreover, the European Union may be already investigating a potential anticompetitive behavior related to Libra. Although […]

Over the past few years, the major U.S. mobile carriers have been in the spotlight over allegations that they have been selling their subscribers’ real-time geolocation data, including highly precise assisted GPS (A-GPS) information designed for use with “Enhanced 911” (E911). The Federal Communications Commission requires mobile carriers to offer E911, a service that provides 911 operators with a wireless caller’s location information, generally accurate within 50 to 300 meters.

Federal Privacy Legislation Should Not Be Based on Data Ownership

There’s nothing wrong with saying that you “own” data. Public Knowledge has supported data ownership as a colloquialism that reflects an intuition: Data about us provides information regarding the intimacies of our very identity and existence. Speaking in this way, we should certainly “own” or have control over that data to protect our fundamental right to privacy.

A Regulator to Fit the Growing Regulatory Consensus

Facebook CEO Mark Zuckerberg recently published an op-ed in the Washington Post naming a role for government and regulation around four specific policies that continue to be concerns for users of Facebook and broader digital platforms. In two areas (privacy and political advertising) Zuckerberg reiterates Facebook’s agreement with previous legislative proposals, including parts of the General Data Protection Regulation (GDPR) in the European Union and (although not named) concepts from the Honest Ads Act introduced by Senators Amy Klobuchar, Mark Warner, and the late John McCain. In addition to these two topics, Zuckerberg also moves towards responding to calls from the public interest community for stronger content moderation of hateful content and for meaningful data portability to promote competition in a market that trends towards dominant platforms. While some may view yet another Facebook op-ed cynically, I believe this one should be welcomed.

Last week, thanks to investigative reporting, we learned that Facebook discovered in January that it was storing millions of users’ passwords in plain text format, making them fully readable for thousands of its employees. Facebook has acknowledged that this was a serious security error and privacy breach on its side, as its systems, ideally, “are designed to mask passwords using techniques that make them unreadable”, and promised that it “will be notifying everyone whose passwords we have found were stored in this way.” There is no evidence that any of the thousand employees with access to these unencrypted passwords actually accessed them, but Facebook’s decision to remain mum reveals an important lesson for the overarching privacy and security policy debate. Importantly, data security incidents are a widespread problem that goes well beyond Facebook.